CVE List - 2024 / March
Showing 801 - 900 of 3299 CVEs for March 2024 (Page 9 of 33)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-2314 | 2024-03-10 | If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux... |
| CVE-2024-2364 | 2024-03-10 | Musicshelf Backup androidmanifest.xml backup |
| CVE-2024-2365 | 2024-03-10 | Musicshelf SHA-1 PinningTrustManager.java weak password hash |
| CVE-2024-25854 | 2024-03-11 | Cross Site Scripting (XSS) vulnerability in Sourcecodester Insurance Management System 1.0 allows attackers to run arbitrary code via the Subject and Description fields when submitting a support ticket. |
| CVE-2024-28823 | 2024-03-11 | Amazon AWS aws-js-s3-explorer (aka AWS JavaScript S3 Explorer) 1.0.0 allows XSS via a crafted S3 bucket name to index.html. |
| CVE-2022-46070 | 2024-03-11 | GV-ASManager V6.0.1.0 contains a Local File Inclusion vulnerability in GeoWebServer via Path. |
| CVE-2024-28816 | 2024-03-11 | Student Information Chatbot a0196ab allows SQL injection via the username to the login function in index.php. |
| CVE-2024-2184 | 2024-03-11 | Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the... |
| CVE-2024-1441 | 2024-03-11 | Libvirt: off-by-one error in udevlistinterfacesbystatus() |
| CVE-2024-0670 | 2024-03-11 | Privilege escalation in windows agent |
| CVE-2024-23608 | 2024-03-11 | Out of Bounds Write Due to Missing Bounds Check in LabVIEW |
| CVE-2024-23610 | 2024-03-11 | Out of Bounds Write Due to Missing Bounds Check in LabVIEW |
| CVE-2024-23611 | 2024-03-11 | Out of Bounds Write Due to Missing Bounds Check in LabVIEW |
| CVE-2024-23609 | 2024-03-11 | Improper Error Handling Issue in LabVIEW |
| CVE-2024-23612 | 2024-03-11 | Improper Error Handling Issue in LabVIEW |
| CVE-2024-0039 | 2024-03-11 | In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges... |
| CVE-2024-0044 | 2024-03-11 | In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2024-0045 | 2024-03-11 | In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges... |
| CVE-2024-0046 | 2024-03-11 | In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional... |
| CVE-2024-0047 | 2024-03-11 | In writeUserLP of UserManagerService.java, device policies are serialized with an incorrect tag due to a logic error in the code. This could lead to local denial of service when policies... |
| CVE-2024-0048 | 2024-03-11 | In Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of null responses. This could lead to local escalation of privilege with... |
| CVE-2024-0049 | 2024-03-11 | In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2024-0050 | 2024-03-11 | In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a missing validation check. This could lead to a local non-security issue with no additional execution... |
| CVE-2024-0051 | 2024-03-11 | In onQueueFilled of SoftMPEG4.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution... |
| CVE-2024-0052 | 2024-03-11 | In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a missing permission check. This could lead to local information disclosure with no additional... |
| CVE-2024-0053 | 2024-03-11 | In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution... |
| CVE-2024-23717 | 2024-03-11 | In access_secure_service_from_temp_bond of btm_sec.cc, there is a possible way to achieve keystroke injection due to improper input validation. This could lead to remote (proximal/adjacent) escalation of privilege with no additional... |
| CVE-2024-1696 | 2024-03-11 | Santesoft Sante FFT Imaging Out-of-bounds Write |
| CVE-2023-6444 | 2024-03-11 | Seriously Simple Podcasting < 3.0.0 - Unauthenticated Administrator Email Disclosure |
| CVE-2024-0559 | 2024-03-11 | Enhanced Text Widget < 1.6.6 - Admin+ Stored XSS |
| CVE-2024-1273 | 2024-03-11 | Starbox < 3.5.0 - Contributor+ Stored XSS |
| CVE-2024-1068 | 2024-03-11 | 404 Solution < 2.35.8 - Admin+ SQL Injection |
| CVE-2024-1290 | 2024-03-11 | Formidable Registration < 2.12 - Contributor+ Arbitrary User Password Reset To Account Takeover |
| CVE-2023-7247 | 2024-03-11 | Login as User or Customer <= 3.8 - Admin Account Takeover |
| CVE-2024-1279 | 2024-03-11 | Paid Memberships Pro < 2.12.9 - Contributor+ Arbitrary User Custom Field Disclosure |
| CVE-2024-0561 | 2024-03-11 | Ultimate Posts Widget < 2.3.1 - Admin+ Stored XSS |
| CVE-2024-1487 | 2024-03-11 | Photos and Files Contest Gallery < 21.3.1 - Author+ Stored Cross Site Scripting |
| CVE-2024-22005 | 2024-03-11 | there is a possible Authentication Bypass due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed... |
| CVE-2024-22006 | 2024-03-11 | OOB read in the TMU plugin that allows for memory disclosure in the power management subsystem of the device. |
| CVE-2024-22007 | 2024-03-11 | In constraint_check of fvp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2024-22008 | 2024-03-11 | In config_gov_time_windows of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2024-22009 | 2024-03-11 | In init_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2024-22010 | 2024-03-11 | In dvfs_plugin_caller of fvp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2024-22011 | 2024-03-11 | In ss_ProcessRejectComponent of ss_MmConManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2024-25984 | 2024-03-11 | In dumpBatteryDefend of dump_power.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2024-25985 | 2024-03-11 | In bigo_unlocked_ioctl of bigo.c, there is a possible UAF due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User... |
| CVE-2024-25986 | 2024-03-11 | In ppmp_unprotect_buf of drm_fw.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE... |
| CVE-2024-25987 | 2024-03-11 | In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2024-25988 | 2024-03-11 | In SAEMM_DiscloseGuti of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2024-25989 | 2024-03-11 | In gpu_slc_liveness_update of pixel_gpu_slc.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2024-25990 | 2024-03-11 | In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2024-25991 | 2024-03-11 | In acpm_tmu_ipc_handler of tmu_plugin.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2024-25992 | 2024-03-11 | In tmu_tz_control of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2024-25993 | 2024-03-11 | In tmu_reset_tmu_trip_counter of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2024-27204 | 2024-03-11 | In tmu_set_gov_active of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2024-27205 | 2024-03-11 | there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not... |
| CVE-2024-27206 | 2024-03-11 | there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is... |
| CVE-2024-27207 | 2024-03-11 | Exported broadcast receivers allowing malicious apps to bypass broadcast protection. |
| CVE-2024-27208 | 2024-03-11 | there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction... |
| CVE-2024-27209 | 2024-03-11 | there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction... |
| CVE-2024-27210 | 2024-03-11 | In policy_check of fvp.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2024-27211 | 2024-03-11 | In AtiHandleAPOMsgType of ati_Main.c, there is a possible OOB write due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2024-27212 | 2024-03-11 | In init_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2024-27213 | 2024-03-11 | In BroadcastSystemMessage of servicemgr.cpp, there is a possible Remote Code Execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2024-27218 | 2024-03-11 | In update_freq_data of , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2024-27219 | 2024-03-11 | In tmu_set_pi of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2024-27220 | 2024-03-11 | In lpm_req_handler of , there is a possible out of bounds memory access due to a missing bounds check. This could lead to local escalation of privilege with no additional... |
| CVE-2024-27221 | 2024-03-11 | In update_policy_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2024-27222 | 2024-03-11 | In onSkipButtonClick of FaceEnrollFoldPage.java, there is a possible way to access the file the app cannot access due to Intent Redirect GRANT_URI_PERMISSIONS Attack. This could lead to local escalation of... |
| CVE-2024-27223 | 2024-03-11 | In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure after authenticating the cell connection... |
| CVE-2024-27224 | 2024-03-11 | In strncpy of strncpy.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2024-27225 | 2024-03-11 | In sendHciCommand of bluetooth_hci.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2024-27226 | 2024-03-11 | In tmu_config_gov_params of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2024-27227 | 2024-03-11 | A malicious DNS response can trigger a number of OOB reads, writes, and other memory issues |
| CVE-2024-27228 | 2024-03-11 | there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is... |
| CVE-2024-27229 | 2024-03-11 | In ss_SendCallBarringPwdRequiredIndMsg of ss_CallBarring.c, there is a possible null pointer deref due to a missing null check. This could lead to remote denial of service with no additional execution privileges... |
| CVE-2024-27230 | 2024-03-11 | In ProtocolPsKeepAliveStatusAdapter::getCode() of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required.... |
| CVE-2024-27233 | 2024-03-11 | In ppcfw_init_secpolicy of ppcfw.c, there is a possible permission bypass due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction... |
| CVE-2024-27234 | 2024-03-11 | In fvp_set_target of fvp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2024-27235 | 2024-03-11 | In plugin_extern_func of , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2024-27236 | 2024-03-11 | In aoc_unlocked_ioctl of aoc.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction... |
| CVE-2024-27237 | 2024-03-11 | In wipe_ns_memory of nsmemwipe.c, there is a possible incorrect size calculation due to a logic error in the code. This could lead to local information disclosure with no additional execution... |
| CVE-2024-28198 | 2024-03-11 | XML external entity (XXE) injection in OpenOLAT |
| CVE-2024-2357 | 2024-03-11 | IKEv2 misconfiguration can cause libreswan to abort and restart |
| CVE-2024-28197 | 2024-03-11 | Account Takeover via Session Fixation in Zitadel [Bypassing MFA] |
| CVE-2024-28187 | 2024-03-11 | OS Command Injection Vulnerability in SOY CMS |
| CVE-2024-28120 | 2024-03-11 | API key leak in codeium-chrome |
| CVE-2024-27938 | 2024-03-11 | SMTP Smuggling in Postal |
| CVE-2024-27297 | 2024-03-11 | Nix Corruption of fixed-output derivations |
| CVE-2024-1645 | 2024-03-11 | The Mollie Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportRegistrations function in all versions up to, and including,... |
| CVE-2024-1400 | 2024-03-11 | The Mollie Forms plugin for WordPress is vulnerable to unauthorized post or page duplication due to a missing capability check on the duplicateForm function in all versions up to, and... |
| CVE-2024-25114 | 2024-03-11 | Sensitive Information Disclosure (JailID) to users in Collabora Online |
| CVE-2024-28199 | 2024-03-11 | Cross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in Phlex |
| CVE-2023-49785 | 2024-03-11 | NextChat vulnerable to Server-Side Request Forgery and Cross-site Scripting |
| CVE-2023-42308 | 2024-03-12 | Cross Site Scripting (XSS) vulnerability in Manage Fastrack Subjects in Code-Projects Exam Form Submission 1.0 allows attackers to run arbitrary code via the "Subject Name" and "Subject Code" Section. |
| CVE-2023-43292 | 2024-03-12 | Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local attacker to execute arbitrary code via a crafted payload to the Recipe Name,... |
| CVE-2024-24092 | 2024-03-12 | SQL Injection vulnerability in Code-projects.org Scholars Tracking System 1.0 allows attackers to run arbitrary code via login.php. |
| CVE-2024-24093 | 2024-03-12 | SQL Injection vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via Personal Information Update information. |
| CVE-2024-24097 | 2024-03-12 | Cross Site Scripting (XSS) vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via the News Feed. |
| CVE-2024-25325 | 2024-03-12 | SQL injection vulnerability in Employee Management System v.1.0 allows a local attacker to obtain sensitive information via a crafted payload to the txtemail parameter in the login.php. |